467f7b1585
This adds standard OAuth2 client credentials and bearer token support as well as scope-based authorization checks for REST API clients. Note that this initial implementation should not be used in production and that the access token limit has not been implemented yet. Signed-off-by: Michael Mayer <michael@photoprism.app>
25 lines
526 B
Go
25 lines
526 B
Go
package api
|
|
|
|
import (
|
|
"github.com/photoprism/photoprism/internal/entity"
|
|
"github.com/photoprism/photoprism/internal/get"
|
|
)
|
|
|
|
// Session finds the client session for the given ID or returns nil otherwise.
|
|
func Session(id string) *entity.Session {
|
|
// Skip authentication if app is running in public mode.
|
|
if get.Config().Public() {
|
|
return get.Session().Public()
|
|
} else if id == "" {
|
|
return nil
|
|
}
|
|
|
|
// Find session or otherwise return nil.
|
|
s, err := get.Session().Get(id)
|
|
|
|
if err != nil {
|
|
return nil
|
|
}
|
|
|
|
return s
|
|
}
|